Why does Fedora do this with iptables?
Michael Schwendt
mschwendt at gmail.com
Tue Sep 11 00:59:43 UTC 2007
On 11/09/2007, Michael Klinosky <mpk2 at enter.net> wrote:
> I have F7, and believe that FC6 also did this.
>
> I'd like to know why Fedora creates a user-defined chain -
> "RH-Firewall-1-INPUT". Is that better than putting the rules into INPUT?
With iptables/netfilter, user-defined chains are *essential* for many
firewall implementation details. There are some things you cannot do
without using user-defined chains (e.g. a logical AND for certain
types of traffic). Get used to it.
More information about the fedora-list
mailing list